Computers to attack file-sharing websites as clocks reach midnight
The W32/Netsky-Q worm is set to launch distributed denial of service attacks against a number of websites as infected computers pass midnight tonight.
The Netsky-Q worm - which according to Sophos research is currently the 8th most prevalent worm in the wild - attempts to bring down file-sharing websites, such as the popular KaZaA, between 00:01 8 April and 11 April 2004.
"The worm is using innocent infected computers around the world to try and launch its attack," said Graham Cluley, senior technology consultant for Sophos. "The worm sits in the background watching the infected computer's internal clock. Once it clicks over to 8 April the barrage begins, so it's possible the websites may be affected as computers in Asia Pacific change their date first."
The full list of websites targeted by W32/Netsky-Q is www.cracks.st, www.cracks.am, www.emule-project.net, www.kazaa.com, and www.edonkey2000.com.
"The Netsky-Q worm launches its strikes against the websites over the long Easter weekend holiday. Home users should ensure their computers are properly protected with anti-virus updates and a personal firewall to ensure they are not contributing to the problem," continued Cluley.
The owners of the eMule website have advised users in a statement on their website that www.emule-project.net will be unavailable "because of the upcoming DDoS Attack against our servers" and suggests they use a mirrored version of their site instead.
Earlier this year the MyDoom worm successfully knocked SCO's website off the internet via a distributed denial of service attack. Other websites targeted for similar attacks in the past have included those belonging to Microsoft and the RIAA.
Sophos recommends that companies ensure their systems are protected with the latest anti-virus updates. Sophos's anti-virus solutions can be automatically updated, ensuring the latest virus protection is in place against the latest threats even when your office is unmanned.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.